Archive

schliz writes “Amazon Web Services will unveil its first Australian data centers on Tuesday, ending more than a year of speculation. The move is expected to address enterprises’ data soverignty and latency concerns, although local cloud providers argue that data held by U.S. company Amazon would still be subject to the Patriot Act.”

CowboyRobot writes “Jeremiah Grossman of Whitehat Security has an article at the ACM in which he outlines the current state of browser security, specifically drive-by downloads. ‘These attacks are primarily written with HTML, CSS, and JavaScript, so they are not identifiable as malware by antivirus software in the classic sense. They take advantage of the flawed way in which the Internet was designed to work.’ Grossman’s proposed solution is to make the desktop browser more like its mobile cousins. ‘By adopting a similar application model on the desktop using custom-configured Web browsers (let’s call them DesktopApps), we could address the Internet’s inherent security flaws. These DesktopApps could be branded appropriately and designed to launch automatically to Bank of America’s or Facebook’s Web site, for example, and go no further. Like their mobile application cousins, these DesktopApps would not present an URL bar or anything else making them look like the Web browsers they are on the surface, and of course they would be isolated from one another.’”

First time accepted submitter The_Buse writes “This week I lost my grandmother and after returning to work (as a web developer) I find myself looking for some way to dedicate something to her memory. Unfortunately, I’m no author so I can’t dedicate a book to her, and I can’t carry a tune so penning a song in her honor is out of the question. What I can do is write one hell of a web app, and after nearly a year of development my (small) team and I are nearing the release date of our next product. My question is, have you ever dedicated a project/app/code in honor of someone? What’s the best way to do it: comment blocks in the header, tongue-in-cheek file names, Easter eggs? Or is this a horrible idea all together?”

An anonymous reader writes “Last week, Mozilla announced it will prompt Firefox users on Windows with old versions of Adobe Reader, Adobe Flash, and Microsoft Silverlight to update their plugins, but refused to detail how the system will work. Now, the organization has unveiled ‘click-to-play plugin blocks,’ which will be on by default in Firefox 17, starting with the three aforementioned plugins. (Expect more to be added eventually.) Furthermore, you can try out the feature for yourself now in Firefox 17 beta for Windows, Mac, and Linux.” Also coming in Firefox 17 is support for Mozilla’s “Social API.” The announcement describes it thus: “Much like the OpenSearch standard, the Social API enables developers to integrate social services into the browser in a way that is meaningful and helpful to users. As services integrate with Firefox via the Social API sidebar, it will be easy for you to keep up with friends and family anywhere you go on the Web without having to open a new Web page or switch between tabs. You can stay connected to your favorite social network even while you are surfing the Web, watching a video or playing a game.”

First time accepted submitter Stiletto writes “I work for a traditional ‘old school’ software company that is trying to move into web services, now competing with smaller, nimbler ‘Web 2.0′ companies. Unfortunately our release process is still stuck in the ’90s. Paperwork and forms, sign-off meetings, and documentation approvals make it impossible to do even minor deployments to production faster than once a month. Major releases go out a couple of times a year. I’ve heard from colleagues in Bay Area companies who release weekly or daily (or even multiple times a day), allowing them to adapt quickly. Slashdotters, how often do you push software changes into production, and what best practices allow you to maintain that deployment rate without chaos?”

hypnosec writes “Apple, Adobe, Google, HP, Microsoft and many others have joined forces and launched a new resource – the Web Platform in a bid to create a ‘definitive resource’ for all open Web technologies. The companies have come together to provide developers with a single source of all the latest information about HTML5, CSS3, WebGL, SVG and other Web standards. The platform will also offer tips and best practices on web development as well as web technologies. ‘We are an open community of developers building resources for a better web, regardless of brand, browser or platform,’ notes the WebPlatform site.”

An anonymous reader writes “cHTeMeLe is a board game about writing HTML5 code. In cHTeMeLe, players endorse their favorite web browser (Firefox, Safari, Chrome, Opera, or IE) and then score points by correctly laying out HTML tags, while also trying to bug or crash their opponents’ code. From the article: ‘Despite cHTeMeLe’s technical theme, its developers claim you don’t need any web programming experience to play. The game takes web design standards and boils them down into game rules that even children can learn. To help less technical players keep everything straight, the tag cards use syntax highlighting that different parts of code have unique colors — just like an Integrated Developer Environment. No one is going to completely pick up HTML5 purely by playing cHTeMeLe, but it does have some educational value for understanding basic tags and how they fit together.’”

alphadogg writes “With an eye towards updating the Web to better accommodate complex and bandwidth-hungry applications, the Internet Engineering Task Force has started work on the next generation of HTTP, the underlying protocol for the Web. The HTTP Strict Transport Security (HSTS), is a security protocol designed to protect Internet users from hijacking. The HSTS is an opt-in security enhancement whereby web sites signal browsers to always communicate with it over a secure connection. If the user is using a browser that complies with HSTS policy, the browser will automatically switch to a secure version of the site, using ‘https’ without any intervention of the user. ‘It’s official: We’re working on HTTP/2.0,’ wrote IETF Hypertext Transfer Protocol working group chair Mark Nottingham, in a Twitter message late Tuesday.”